package com.xmcc.filter;


import com.xmcc.common.ApplicationContextHelper;
import com.xmcc.common.ResultJson;
import com.xmcc.pojo.SysAcl;
import com.xmcc.pojo.SysRole;
import com.xmcc.pojo.SysUser;
import com.xmcc.service.SysAclService;
import com.xmcc.service.SysCoreService;
import com.xmcc.utill.JsonUtil;
import com.xmcc.utill.ThreadLocalCommon;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import java.util.logging.LogRecord;

public class AclFilter implements Filter {
    private static final List<String> urlList = new ArrayList<>();
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //获得web.xml注解上的init初始化的参数名字获得values值：properties/freeAcl.properties
        String aclPath = filterConfig.getInitParameter("aclPath");
        System.out.println("获得properties配置的路径："+aclPath);//获得配置的路径  来去掉哪些不用拦截
        InputStream resourceAsStream = AclFilter.class.getClassLoader().getResourceAsStream(aclPath);
        Properties properties = new Properties();
        try {
            properties.load(resourceAsStream);
                String freeAcl = properties.getProperty("freeAcl");
            String[] split = freeAcl.split(",");
            for (String s : split) {
                urlList.add(s);//得到不用被拦截的路径
            }

        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        //查询到当前用户所有的权限  url 在查看当前的请求url是否包含在其中
        SysUser sysUser = ThreadLocalCommon.popSysUser();   //获得当前用户
        //获得当前请求路径
        String servletPath = request.getServletPath();
        System.out.println("获得请求的路径："+servletPath);
        //有的路径不用拦截 urlList不用遍历的吗？？
        if (urlList.contains(servletPath)|sysUser.getId().equals(1)) {
            filterChain.doFilter(request, servletResponse);//---走到servlet 或者controller
            return;
        }
        //拦截登录...这儿参考登录filter TODO:

        //判断权限

        SysCoreService sysCoreService = ApplicationContextHelper.getBean(SysCoreService.class);

        Set<Integer> aclId = sysCoreService.getAclIdByUser(sysUser.getId());

      /*  //查询当前用户所拥有的角色
        List<SysRole> sysRoles = sysCoreService.queryRoleByUser(sysUser.getId());
        //再根据角色查询权限
        List<SysAcl> sysAcls = sysCoreService.queryAclByRoleId(sysRoles);
        //获得不重复的权限id
        Set<Integer> aclId = sysCoreService.getAclId(sysAcls);*/

        //根据url查询当前访问的权限点id集合
        SysAclService sysAclService = ApplicationContextHelper.getBean(SysAclService.class);
        List<SysAcl> urlAclIds = sysAclService.queryAclByUrl(servletPath);
        boolean flag = false;
        for (SysAcl urlAcl : urlAclIds) {
            //用户拥有该权限   urlAcl.getStatus()!=1权限没启用
            if (aclId.contains(urlAcl.getId()) || urlAcl.getStatus() != 1) {
                flag = true;//
            }
        }
        if (flag) {//表示有权限
            filterChain.doFilter(request, servletResponse);//---走到servlet 或者controller
            return;
        } else {//表示没有权限
            //判断是哪种请求
            if (servletPath.contains(".json")) {
                response.setContentType("html/text;charset=utf-8");
                servletResponse.setContentType("application/json");//指定返回到前台的是json数据
                ResultJson resultJson = ResultJson.fail("没有该权限哦aaaa");
                response.getWriter().write(JsonUtil.object2string(resultJson));
                return;
            }
            response.sendRedirect("/noAuth.jsp");
            return;
        }
    }
    /*private void judgeAcl( Integer userId,){

    }*/
        @Override
        public void destroy () {

        }

}
